Senior SOC Security Analyst

  • CGI
  • Ottawa, ON, Canada
  • Apr 16, 2018
Full time Information Technology Security

Job Description

Position Description:

Join us and put your career in IT-security into high-gear! 

We currently have an exciting opportunity to join the Managed Security Services (MSS) team as a Senior Security Operations Centre (SOC) Analyst. 

The Team: Managed Security Services (MSS) is composed of several teams: our two Ottawa 24x7x365 Security Operations Centres (SOCs), the Deployment and Support teams (5 teams which are each focused on several technologies and services), the solution architects, the project managers, and the client service managers. We are a very collaborative close-knit team in MSS – team spirit and satisfying career growth for our members are a key focus for all of us. 

Why us: CGI does consulting, yes, but our team is different. MSS is a dynamic and stable team of over 200 security professionals working together since 2001. We are growing! Come join us and see what it's like to work and learn in the exciting field of IT security with a great group of professionals. MSS team members are supportive and collaborative – you’ll receive the support you need to be successful in your position and to enhance your security skills while furthering your career. 

Career growth: This role provides excellent career growth potential since you will be working with leading-edge technologies and methodologies, you will have access to our various training options and there are multiple career growth paths within the MSS Team. If you are serious about honing your skills and career, we’re serious about giving you the opportunities to grow and to learn multiple security technologies and standards or to take on other tasks that are of interest to you beyond what is listed below. 

Technical environment: We use top-ranked industry-leading security tools and technologies – incorporating several security technologies for each of our multiple services. MSS has an on-site technology lab which all our members can use for installation trials and proof-of-concepts, training, testing and trouble-shooting. 

Our Clients: Many leading big-name clients trust our team and use our many managed security services to protect their business. We are gaining many new clients and the list has been growing globally into Europe and Asia since CGI’s acquisition of Logica.

Your future duties and responsibilities:

The successful candidate will (after a training period, and in collaboration with other SOC Senior Analysts): 
• Provide oversight, coaching, support and quality assurance to the SOC Analyst team members. 
• Assist and mentor the SOC Analysts with monitoring security alerts of potential hacker attacks detected by security systems such as: Intrusion Detection & Prevention Systems (NIDS/NIPS, HIDS/HIPS, WIDS), Log Monitoring, File Integrity Monitoring and SIEM. 
• Assist and mentor the SOC Analysts with determining and classifying the severity of alerts and assess potential impacts. 
• Assist and mentor the SOC Analysts with reporting and investigating potential security incidents. 
• Provide recommendations to clients for containment and eradication of threats. 
• Develop custom signatures in order to detect emerging threats. 
• Ensure that Service Level Agreements are met. 
• Provide assistance in the deployment of new security services/technologies. 
• Provide knowledge-transfer to the Security Analysts on newly deployed services/technologies. 
• Create and/or update security operations processes and procedures. 
• Assist in IT security investigations, exercises and tests. 
• Provide input during audits. 
• Research, consultation with colleagues and training to maintain awareness of trends in new security threats, technologies and regulations.
• May be requested to act as a backup to the Incident Handler position to coordinate incident handling and escalations to internal support teams to ensure timely delivery of incident resolutions. 
• Be the Subject Matter Expert (SME) for Corporate and Client Security Incidents. 
• Other related duties as assigned by the supervisor. 
• Since this is a 24x7x365 environment, shift work and/or pager rotation is required.

Required qualifications to be successful in this role:

• Experience in IT Security. 
• Strong background in TCP/IP networking. 
• Experience with three (3) or more of the following (not necessary to have all): 
o Intrusion Detection or Prevention Systems 
o System log analysis 
o Enterprise Security Information and Event Management (SIEM) system(s) 
o TCP/IP packet analysis 
o Linux or UNIX 
• Demonstrated ability for analytical thinking and research (e.g. into technologies, standards or issues). 
• Team player with ability to work autonomously. 
• Ability to speak and communicate effectively with peers, management and clients. 
• Government of Canada Secret Clearance is required (or the ability to obtain one). 

• Completion of a post-secondary educational program in IT Security or Computer Sciences from a recognized community college or university. 
• Certification(s) such as: SANS GCIH or SANS GCIA, CCNA, CISSP, ITIL 
• Experience working in an IT Security Operations Centre, incorporating SANS methodology.